In re: ' Brabson, et al. 
Serial No.: 10/007,446 
Filed: December 5 , 2001 
Page 6 of 1 1 

REMARKS 

Applicants appreciate the thorough examination of the present application that is 
evidenced in the Official Action of October 5, 2005 (the "Official Action"). 

Status of the Claims 

In the Official Action, Claims 1,17 and 18 were provisionally rejected under the doctrine 
of double patenting over claims 1, 24, and 26 of copending Application No. 10/007,593. Claims 
1-8, 10, 11, 14, 17 and 18 were rejected under 35 U.S.C. § 102(b) as being anticipated by U.S. 
Patent No. 6,131,163 to Wiegel (hereinafter "Wiegel"). Claims 9 and 13 were rejected under 35 
U.S.C § 103(a) as unpatentable over Wiegel in view of U.S. Patent No. 5,845,068 to Winiger 
(hereinafter "Winiger"). Claim 12 was rejected under 35 U.S.C § 103(a) as unpatentable over 
Wiegel in view of User Manual mod_ssl version 2.6 (hereinafter "Mod_SSL"). Claim 15 was 
rejected under 35 U.S.C § 103(a) as unpatentable over Wiegel in view of U.S. Pre-Grant 
Publication No. 2002/01 16605 to Berg (hereinafter "Berg"). Claim 16 was rejected under 35 
U.S.C § 103(a) as unpatentable over Wiegel in view of T. Dierks et al, "Network Working Group 
Request For Comments 2246, The TLS Protocol" (hereinafter "Dierks"). 

The Claims Are Patentable Over Wiegel 

Wiegel discloses a system for a network gateway that provides computer data security 
using a protocol stack proxy. See Wiegel, Abstract. In particular, Wiegel is addressed to a 
system for detecting whether requests to a system are accurate, valid and come from an 
authorized system. Weigel, col. 1, 11. 47-50. That is, Wiegel is concerned with repelling 
unauthorized requests and malicious attacks originating outside a computer system. See Wiegel, 
col. 1,11.51-55. 

In addition, the system of Wiegel includes a Security Reference Monitor (SRM) 210 that 
appears to provide authentication of users and applications when accessing or creating objects. 
See Wiegel, col. 6, 11. 29-37. 

However, in contrast to Claim 1, Wiegel does not appear to be directed to securing 
communications of an application program. For example, Wiegel does not appear to provide a 
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system for selectably encrypting communications of an application program, as recited in 
Amended Claim 1 . 

In contrast to Wiegel, Amended Claim 1 recites "selectably encrypting at least one 
communication of the executing application program using the provided security processing in 
the operating system kernel, under conditions specified by the security policy information." 
(emphasis added). Amended Claims 17 and 18 contain similar recitations. 

Accordingly, Applicants respectfully submit that Amended Claims 1,17 and 18 are not 
anticipated by Wiegel for at least these reasons, and requests that the rejection of Claims 1,17 
and 18 be withdrawn. Dependent Claims 2-8, 10, 1 1, 14 also stand rejected under 35 USC 
§ 102(b) as being anticipated by Wiegel. These claims are patentable at least per the patentability 
of Amended Claim 1 . 

Many of the Dependent Claims Are Separately Patentable 

Dependent Claims 2-16 are patentable at least as per the patentability of Amended Claim 
1. However, many of the dependent claims are separately patentable. 

For example, Claims 9 and 13 stand rejected under 35 U.S.C § 103(a) as unpatentable 
over Wiegel in view of Winiger. These claims are patentable at least per the patentability of 
Amended Claim 1 . In addition, these claims are separately patentable, as Wiegel and Winiger 
cannot be properly combined to produce the inventions recited in Claims 9 and 13. 

To establish a prima facie case of obviousness, the prior art reference or references when 
combined must teach or suggest all the recitations of the claims, and there must be some 
suggestion or motivation, either in the references themselves or in the knowledge generally 
available to one of ordinary skill in the art, to modify the reference or to combine reference 
teachings. See M.P.E.P. § 2143. The mere fact that references can be combined or modified 
does not render the resultant combination obvious unless the prior art also suggests the 
desirability of the combination. See M.P.E.P. § 2 143.01 (citing In re Mills, 916 F.2d 680, 16 
U.S.P.Q.2d 1430 (Fed. Cir. 1990)). As emphasized by the Court of Appeals for the Federal 
Circuit, to support combining references, evidence of a suggestion, teaching, or motivation to 
combine must be clear and particular, and this requirement for clear and particular evidence is 
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not met by broad and conclusory statements about the teachings of references. In re Dembiczak, 
50 U.S.P.Q.2d 1614, 1617 (Fed. Cir. 1999). In another decision, the Court of Appeals for the 
Federal Circuit has stated that, to support combining or modifying references, there must be 
particular evidence from the prior art as to the reason the skilled artisan, with no knowledge of 
the claimed invention, would have selected these components for combination in the manner 
claimed. In re Kotzab, 55 U.S.P.Q.2d 1313, 1317 (Fed. Cir. 2000). 

The Official Action states that Winiger teaches utilizing an identifier code, as recited in 
Claim 9, and that Winiger further teaches only the socket of a port being utilized as being secure, 
as recited in Claim 13. Official Action, p. 6. The Official Action states that it would have been 
obvious to combine Wiegel and Winiger because "Winiger attempts to secure access to dominant 
ports to protect attribute information from attack." Official Action, p. 6. Applicants submit that 
this statement does not provide a clear and particular teaching that suggests the desirability of the 
combination of Wiegel and Winiger as required by the decisions of the Court of Appeals for the 
Federal Circuit. Instead, this appears to be simply a restatement of a passage from Winiger at 
col. 3, 11. 27-29. 

As discussed above, Wiegel relates to a system for blocking unauthorized requests to a 
computer system. See Wiegel col. 1, 11. 51-55. Winiger relates to a securing multilevel port 
system on a computer to permit contemporaneously opening a plurality of sockets having the 
same port number. See Winiger, Abstract. 

Accordingly, Applicants submit that a person of skill would not combine the teachings of 
Wiegel and Winiger to produce the invention of Claim 9 and/or 13. However, even if they are 
combined, the combination does not teach each and every limitation of Claim 9 and/or Claim 13. 
For example, Claim 9 recites selectably securing encrypting at least one communication of an 
executing application program using a provided security processing in an operating system 
kernel, under conditions specified by security policy information, wherein the conditions 
comprise one or more client identifiers. The Official Action states that Winiger teaches utilizing 
an "identifier code." However, the "identifier code" of Winiger appears to refer to an identifier 
for port endpoints, rather than a client identifier as recited in Claim 9. See Winiger, col. 3, 11. 3 1 - 
40. 
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Likewise, Claim 13 recites selectably securing encrypting at least one communication of 
an executing application program using a provided security processing in an operating system 
kernel, under conditions specified by security policy information, wherein, when a result of 
evaluating the security policy information so indicates, communications on only some sockets of 
a port are encrypted (emphasis added). As neither Winiger nor Wiegel relates to encryption of 
communications, Applicants respectfully submit that Claim 13 is patentable over Wiegel and 
Winiger, alone or in combination, for at least these additional reasons. 

Claim 15 stands rejected under 35 U.S.C § 103(a) as unpatentable over Wiegel in view of 
Berg. Claim 15 is patentable at least per the patentability of Amended Claim 1 . In addition, 
Claim 15 is separately patentable, as Wiegel and Berg cannot be properly combined to produce 
the invention recited in Claims 15. 

Berg appears to be related to the operation of server farm information processing 
systems. See Berg., para. [0003]. In particular, Berg appears to relate to providing for 
scalability of bandwidth connections to a server farm (Berg, para. [0071]) by performing load- 
balancing of socket application client requests. See, e.g., Berg, para. [0099]. While a server 
farm may require security processing to process secure socket layer (SSL) communications, such 
processing is handled in the system of Berg by an intelligent network interface card (iNIC). See 
Berg, para. [0206]. The iNIC is distinct from the operating system of the server. See Berg, Fig. 
3. By performing security processing in an iNIC as opposed to an operating system kernel, Berg 
teaches away from Amended Claim 15, which recites selectably securing encrypting at least one 
communication of the executing application program using the provided security processing in 
the operating system kernel. Thus, it would be improper to combine Wiegel and Berg as 
indicated in the Official Action. 

Even if Wiegel and Berg were combined, the combination would not teach each and 
every limitation of Amended Claim 15. The Official Action states that Berg teaches a method 
wherein SSL is utilized. However, Claim 15 recites that the provided security processing (i.e. 
the security processing in the operating system kernel) implements Secure Sockets Layer to 
selectably encrypt at least one communication of the executing application program. The cited 
portion of Berg does not appear to teach or suggest these limitations, alone or in combination 
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with Wiegel. Accordingly, Applicants submit that Claim 15 is patentable over Wiegel and Berg, 
alone or in combination, for at least these additional reasons. 

The remaining dependent claims are patentable at least as per the patentability of 
Amended Claim 1 . 

The Double Patenting Rejection 

The Official Action states that Claims 1,17 and 18 of the present application are not 
patentably distinct from claims 1, 24 and 26 of copending Application serial no. 10/007,593 
because '"under conditions specified by the security policy information' is not an active step to 
further limit the claim." Official Action, p. 2. Applicants respectfully disagree with this 
assertion. As explained in the specification, security policy information may be used to provide 
conditions for security processing, according to some embodiments of the invention. See App., 
p. 15, 1. 11 to p. 17, 1. 9. The use of security policy information may provide flexible and 
uniform treatment of security throughout an enterprise. App., p. 15, 1. 7 to p. 16, 1. 6. Security 
policy information established by an administrator may be used to enable security processing for 
particular ports, jobs, clients, source/destination addresses, etc., App., p. 15, 1. 7 to p. 16, 1. 13. 
Accordingly, the use of security policy information "provides fine grained control for both server 
and client applications." App., p. 16, 11. 7-8. Such control may be exercised by a system 
administrator to provide a consistent policy for all applications. App., p. 15, 1. 7 to p. 16, 1. 6. 

As neither security policy information nor the use of security policy information to 
specify conditions for security processing is recited in claim 1, 24 or 26 of Application serial no. 
10/007,593, Applicants respectfully request that the provisional double patenting rejection be 
withdrawn. 

Amendments to the Claims to Address Certain Formalities 

Claims 1, 4, 6-13, and 16 have been amended to provide minor corrections to certain 
formalities. For example, Claims 1, 10, 12 and 13 have been amended to remove the recitations 
of "step." Claims 4 and 6-9 have been amended to change "include" to "comprise." Claim 16 has 
been amended to correct the reference to "Transport Layer Security." Claims 10, 1 1 and 13 have 
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been amended to conform with amendments to Claim 1 . No new matter has been introduced by 
these amendments. 



In light of the above amendments and remarks, Applicants respectfully submit that the 
above-entitled application is in condition for allowance. Favorable reconsideration of this 
application is respectfully requested. If, in the opinion of the Examiner, a telephonic conference 
would expedite the examination of this matter, the Examiner is invited to call the undersigned 
attorney at (919) 854-1400. 



Customer Number 46589 

Myers Bigel Sibley & Sajovec, P.A. 
P.O. Box 37428 
Raleigh, NC 27627 
919-854-1400 
919-854-1401 (Fax) 



CONCLUSION 



Respectfully submitted, 
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